| 1 |
commit: 4e89ec853a42dd375ccc12057c9376e6786d44ba |
| 2 |
Author: John Helmert III <jchelmert3 <AT> posteo <DOT> net> |
| 3 |
AuthorDate: Fri Jun 19 03:50:19 2020 +0000 |
| 4 |
Commit: Aaron Bauman <bman <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Jun 28 22:16:56 2020 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4e89ec85 |
| 7 |
|
| 8 |
app-text/hunspell: Patch CVE-2019-16707 |
| 9 |
|
| 10 |
Bug: https://bugs.gentoo.org/717968 |
| 11 |
Package-Manager: Portage-2.3.101, Repoman-2.3.22 |
| 12 |
Signed-off-by: John Helmert III <jchelmert3 <AT> posteo.net> |
| 13 |
Closes: https://github.com/gentoo/gentoo/pull/16320 |
| 14 |
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org> |
| 15 |
|
| 16 |
.../files/hunspell-1.7.0-CVE-2019-16707.patch | 22 ++++++ |
| 17 |
app-text/hunspell/hunspell-1.7.0-r2.ebuild | 89 ++++++++++++++++++++++ |
| 18 |
2 files changed, 111 insertions(+) |
| 19 |
|
| 20 |
diff --git a/app-text/hunspell/files/hunspell-1.7.0-CVE-2019-16707.patch b/app-text/hunspell/files/hunspell-1.7.0-CVE-2019-16707.patch |
| 21 |
new file mode 100644 |
| 22 |
index 00000000000..649eef5b293 |
| 23 |
--- /dev/null |
| 24 |
+++ b/app-text/hunspell/files/hunspell-1.7.0-CVE-2019-16707.patch |
| 25 |
@@ -0,0 +1,22 @@ |
| 26 |
+From ac938e2ecb48ab4dd21298126c7921689d60571b Mon Sep 17 00:00:00 2001 |
| 27 |
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@××××××.com> |
| 28 |
+Date: Tue, 12 Nov 2019 20:03:15 +0000 |
| 29 |
+Subject: [PATCH] invalid read memory access #624 |
| 30 |
+ |
| 31 |
+--- |
| 32 |
+ src/hunspell/suggestmgr.cxx | 2 +- |
| 33 |
+ 1 file changed, 1 insertion(+), 1 deletion(-) |
| 34 |
+ |
| 35 |
+diff --git a/src/hunspell/suggestmgr.cxx b/src/hunspell/suggestmgr.cxx |
| 36 |
+index dba084e9..c23f165a 100644 |
| 37 |
+--- a/src/hunspell/suggestmgr.cxx |
| 38 |
++++ b/src/hunspell/suggestmgr.cxx |
| 39 |
+@@ -2040,7 +2040,7 @@ int SuggestMgr::leftcommonsubstring( |
| 40 |
+ int l2 = su2.size(); |
| 41 |
+ // decapitalize dictionary word |
| 42 |
+ if (complexprefixes) { |
| 43 |
+- if (su1[l1 - 1] == su2[l2 - 1]) |
| 44 |
++ if (l1 && l2 && su1[l1 - 1] == su2[l2 - 1]) |
| 45 |
+ return 1; |
| 46 |
+ } else { |
| 47 |
+ unsigned short idx = su2.empty() ? 0 : (su2[0].h << 8) + su2[0].l; |
| 48 |
|
| 49 |
diff --git a/app-text/hunspell/hunspell-1.7.0-r2.ebuild b/app-text/hunspell/hunspell-1.7.0-r2.ebuild |
| 50 |
new file mode 100644 |
| 51 |
index 00000000000..209dab4e6da |
| 52 |
--- /dev/null |
| 53 |
+++ b/app-text/hunspell/hunspell-1.7.0-r2.ebuild |
| 54 |
@@ -0,0 +1,89 @@ |
| 55 |
+# Copyright 1999-2020 Gentoo Authors |
| 56 |
+# Distributed under the terms of the GNU General Public License v2 |
| 57 |
+ |
| 58 |
+EAPI=7 |
| 59 |
+inherit autotools flag-o-matic |
| 60 |
+ |
| 61 |
+MY_P="${PN}-${PV/_beta/b}" |
| 62 |
+ |
| 63 |
+DESCRIPTION="Hunspell spell checker - an improved replacement for myspell in OOo" |
| 64 |
+SRC_URI="https://github.com/hunspell/hunspell/archive/v${PV}.tar.gz -> ${P}.tar.gz" |
| 65 |
+HOMEPAGE="https://github.com/hunspell" |
| 66 |
+ |
| 67 |
+SLOT="0/$(ver_cut 1-2)" |
| 68 |
+LICENSE="MPL-1.1 GPL-2 LGPL-2.1" |
| 69 |
+IUSE="ncurses nls readline static-libs" |
| 70 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris" |
| 71 |
+ |
| 72 |
+RDEPEND=" |
| 73 |
+ ncurses? ( sys-libs/ncurses:0= ) |
| 74 |
+ readline? ( sys-libs/readline:= ) |
| 75 |
+" |
| 76 |
+DEPEND="${RDEPEND} |
| 77 |
+ sys-devel/gettext |
| 78 |
+" |
| 79 |
+ |
| 80 |
+LANGS="af bg ca cs cy da de de-1901 el en eo es et fo fr ga gl he hr hu ia id |
| 81 |
+is it kk km ku lt lv mi mk ms nb nl nn pl pt pt-BR ro ru sk sl sq sv sw tn uk |
| 82 |
+zu" |
| 83 |
+ |
| 84 |
+PDEPEND="" |
| 85 |
+for lang in ${LANGS}; do |
| 86 |
+ IUSE+=" l10n_${lang}" |
| 87 |
+ case ${lang} in |
| 88 |
+ de-1901) dict="de_1901" ;; |
| 89 |
+ pt-BR) dict="pt-br" ;; |
| 90 |
+ *) dict="${lang}" ;; |
| 91 |
+ esac |
| 92 |
+ PDEPEND+=" l10n_${lang}? ( app-dicts/myspell-${dict} )" |
| 93 |
+done |
| 94 |
+unset dict lang LANGS |
| 95 |
+ |
| 96 |
+S="${WORKDIR}/${MY_P}" |
| 97 |
+ |
| 98 |
+DOCS=( |
| 99 |
+ AUTHORS ChangeLog NEWS THANKS license.hunspell |
| 100 |
+ license.myspell README.md |
| 101 |
+) |
| 102 |
+ |
| 103 |
+PATCHES=( |
| 104 |
+ # Upstream package creates some executables which names are too generic |
| 105 |
+ # to be placed in /usr/bin - this patch prefixes them with 'hunspell-'. |
| 106 |
+ # It modifies a Makefile.am file, hence eautoreconf. |
| 107 |
+ "${FILESDIR}/${PN}-1.7.0-renameexes.patch" |
| 108 |
+ |
| 109 |
+ "${FILESDIR}/${PN}-1.7.0-tinfo.patch" #692614 |
| 110 |
+ "${FILESDIR}/${PN}-1.7.0-CVE-2019-16707.patch" |
| 111 |
+) |
| 112 |
+ |
| 113 |
+src_prepare() { |
| 114 |
+ default |
| 115 |
+ eautoreconf |
| 116 |
+} |
| 117 |
+ |
| 118 |
+src_configure() { |
| 119 |
+ # missing somehow, and I am too lazy to fix it properly |
| 120 |
+ [[ ${CHOST} == *-darwin* ]] && append-libs -liconv |
| 121 |
+ |
| 122 |
+ # I wanted to put the include files in /usr/include/hunspell. |
| 123 |
+ # You can do that, libreoffice can find them anywhere, just |
| 124 |
+ # ping me when you do so ; -- scarabeus |
| 125 |
+ local myeconfargs=( |
| 126 |
+ $(use_enable nls) |
| 127 |
+ $(use_with ncurses ui) |
| 128 |
+ $(use_with readline readline) |
| 129 |
+ $(use_enable static-libs static) |
| 130 |
+ ) |
| 131 |
+ econf "${myeconfargs[@]}" |
| 132 |
+} |
| 133 |
+ |
| 134 |
+src_install() { |
| 135 |
+ default |
| 136 |
+ einstalldocs |
| 137 |
+ find "${ED}" -type f -name '*.la' -delete || die |
| 138 |
+ |
| 139 |
+ #342449 |
| 140 |
+ pushd "${ED}"/usr/$(get_libdir)/ >/dev/null |
| 141 |
+ ln -s lib${PN}{-$(ver_cut 1).$(ver_cut 2).so.0.0.1,.so} |
| 142 |
+ popd >/dev/null |
| 143 |
+} |
Archives